ALERT   |    This is an archived page. Click here to visit our new website.

 
 

Malicious code in CCleaner compromised more than 2 million computers


PUBLISHED Mon, September 18, 2017 - 6:35pm EDT
Screenshot of CCleaner (Credit: Piriform)


A malicious code was inserted into a version of computer clean-up tool CCleaner, creating a backdoor in more than 2 million computers and potentially allowing those responsible to take control of the devices, the company said on Monday.





The breach was discovered on September 12 when Piriform - the company that created CCleaner - discovered that its software was sending data to an unknown IP address. An investigation revealed that two programs released in August had been "illegally modified" before being released to the public.

The breach affects CCleaner version 5.33.6162 and CCleaner Cloud version 1.07.3191 on 32-bit Windows systems. About 2.27 million computers are believed to have installed the compromised software, although it's still unclear whether hackers took control of any of the devices.

In a technical description, the company explained that CCleaner.exe had been modified to create a two-stage backdoor capable of running code sent by those responsible. It also sent encrypted data to the hackers, providing them with the computer's name, a list of installed software to include Windows updates, a list of running processes, MAC addresses, and the status of administrator privileges.

Paul Young, the vice president of products at Piriform, said in a blog post on Monday that the server used by the hackers was taken down and other potential servers are 'out of their control.' Users of version 5.33.6162, however, have been advised to update to the latest version while users of CCleaner Cloud received an automatic update.

"At this stage, we don’t want to speculate how the unauthorized code appeared in the CCleaner software, where the attack originated from, how long it was being prepared and who stood behind it," Young said. "The investigation is still ongoing. We want to thank the Avast Threat Labs for their help and assistance with this analysis."

Young apologized to users of CCleaner and said the company is taking "detailed steps internally" to prevent such a breach from happening again. "If you have not already done so, we encourage you to update your CCleaner software to version 5.34 or higher," he added.

CCleaner was first released in 2003 and allows people to delete temporary or potentially unwanted files to help optimize their computer. Piriform, which was acquired by Avast in July, says CCleaner has been downloaded more than 2 billion times, with an average of 5 million new users every week.





  London, England     

 



LEAVE COMMENTS



.

 


Happening Now

This is an archived page. Click here to visit our new website.

Queensland Amber Alert: Baby boy missing from Mango Hill

White House Communications Director Hope Hicks to resign

Georgia’s lieutenant governor threatens to kill Delta tax break over NRA split

4 people found dead at home in Ryerson, Ontario





BNO NEWS RADIO


Listen to "BNO News - Breaking News Radio" on Spreaker.




SIGN-UP - BREAKING NEWS ALERTS



Just want the important news? Sign up now for the fastest email alerts from BNO News. Click here to get started!




LIVE WIRE


Queensland Amber Alert: Baby boy missing from Mango Hill

White House Communications Director Hope Hicks to resign

4 people found dead at home in Ryerson, Ontario

Florida Amber Alert: Juliet Odierna abducted from Cape Coral

Santa Clarita Valley International Charter School on lockdown





VIDEOS


Trump blocks release of Democratic memo on Russia probe

Strong earthquake hits northeast Taiwan, killing at least 2

British court upholds arrest warrant against Julian Assange

‘Glee’ star Mark Salling found dead in apparent suicide

Canadian billionaire and wife were murdered, police say